<?php
require('qs_connection.php');
require('qs_functions.php');
@session_start();
$row = "";
$err_string = "";
$strkeyword = "";
$sortstring = "";
$icon = "";
//Check security login 
$pagesecure_level = 7;
if (strtoupper(qsrequest("logout"))=="Y") {
    $_SESSION["UserLevel"] = 0;
    $_SESSION["Logon"] = "FALSE";
    $_SESSION["UserLogon"] = "";
    $_SESSION["RedirectURL"] = qssession("firstredirecturl");
    header ("Location: ./global_group_login.php");
    exit();
}
if (qssession("Logon") != "TRUE") {
    $_SESSION["RedirectURL"] = "./" . rawurlencode("projects_search").".php?" . qsservervars("QUERY_STRING");
    header ("Location: ./global_group_login.php");
    exit();
}
if (qssession("UserLevel") == "") {
    $_SESSION["UserLevel"] = 0;
}
if (qssession("UserLevel") < $pagesecure_level) {
    $_SESSION["Logon"] = "FALSE";
    $_SESSION["RedirectURL"] = "./" . rawurlencode("projects_search").".php?" . qsservervars("QUERY_STRING");
    include_once('global_group_login.php');
    exit();
}

$sql = "";
$sql_ext = "";
$fields = array();
$fields[0] = "ProjectID";
$fields[1] = "ProjectName";
$fields[2] = "Currency";
$fields[3] = "DateOfDataCollection";
$arryitemvalue = array();
$arryitemvalue[0] = "";
$arryitemvalue[1] = "";
$arryitemvalue[2] = "";
$arryitemvalue[3] = "";
$arryopt = array();
$arryopt[0] = "";
$arryopt[1] = "";
$arryopt[2] = "";
$arryopt[3] = "";
$arryandoropt = array();
$arryandoropt[0] = "";
$arryandoropt[1] = "";
$arryandoropt[2] = "";
$arryandoropt[3] = "";
$sql .= " Select\n";
    $sql .= "     tblproject.`ProjectID`,\n";
    $sql .= "     tblproject.`ProjectName`,\n";
    $sql .= "     tblproject.`Currency`,\n";
    $sql .= "     tblproject.`DateOfDataCollection`\n";
    $sql .= " From\n";
    $sql .= "     tblproject   tblproject\n";

if (strpos(strtoupper($sql), " WHERE ")) {
   $sqltemp = $sql . " AND (1=0) ";
}else{
   $sqltemp = $sql . " Where (1=0) ";
}
$result = mysql_query($sqltemp . " " . $sql_ext . " limit 0,1")
          or die("Invalid query");
if (isset($_POST["act"])) {
    $_SESSION["projects_projects"] = "";
    $filter_string = "";
    $qry_string = "";
    $i = 0;
    while ($i < mysql_num_fields($result)) {
        $meta = mysql_fetch_field($result);
        $field_name = $meta->name;
        $field_type = $meta->type;
        //get field type
        $type_field = "";
        $type_field = returntype($field_type);
        //clear session
        $_SESSION["projects_search_fd" . $i] = "";
        $_SESSION["projects_multisearch_fd" . $i] = "";
        $_SESSION["projects_search_fd_" . $i] = "";
        if ((qsrequest("search_fd" . $i) != "") && (qsrequest("search_fd" . $i) != "*")) {
            $idata = qsrequest("search_fd" . $i);
            if (strlen($idata) > 1) {
                if ($idata[strlen($idata) - 1] == "*") {
                    $idata = substr($idata, 0, strlen($idata) - 1);
                }
            }
            $idata = str_replace("*", "%", $idata);
            $irealdata = $idata;
            if (qsrequest("search_optfd".$i) != "") {
              $idata = qsrequest("search_optfd". $i) . $idata ;
            }
            $iopt = substr($idata, 0, 2);
            if (($iopt == "<=") || ($iopt == "=<")) {
                $iopt = "<=";
                $irealdata = substr($idata, 2);
            } elseif (($iopt == ">=") || ($iopt == "=>")) {
                $iopt = ">=";
                $irealdata = substr($idata, 2);
            } elseif ($iopt == "==") {
                $iopt = "=";
                $irealdata = substr($idata, 2);
            } elseif ($iopt == "<>") {
                $irealdata = substr($idata, 2);
            } elseif ($iopt == "^^") {
                      $iopt = "*";
            	$idata =  $iopt . $irealdata . $iopt; // Contain
                  } elseif ($iopt == "^*") {
                      $iopt = "*";
            	$idata =  $irealdata . $iopt; // Start With
                  } elseif ($iopt == "*^") {
                      $iopt = "*";
            	$idata =  $iopt . $irealdata ; // End With
            } else {
                $iopt = substr($idata, 0, 1);
                if (($iopt == "<") || ($iopt == ">") || ($iopt == "=")) {
                    $irealdata = substr($idata,1);
                } else {
                    $iopt = "=";
                }
            }
            if (qsrequest("andor_optfd".$i) != "") {
                $idata = qsrequest("andor_optfd". $i) . $idata ;
            }
        if (!strcasecmp($idata,"{current date and time}")) {
            $idata = time();
        } elseif (!strcasecmp($idata,"{current date}")) {
            $idata = time();
        } elseif (!strcasecmp($idata,"{current time}")) {
            $idata = time();
        }
            if ($meta) {
                if ($type_field == "type_datetime") {
                    if ((($timestamp = strtotime($irealdata)) !== -1)) {
                        if ($qry_string == "") {
                            $qry_string = "search_fd" . $i . "=" . urlencode($idata);
                            $filter_string = $field_name . " like '%" . $idata . "%'";
                        } else {
                            $qry_string .= "&search_fd" . $i . "=" . urlencode($idata);
                            $filter_string .= " and " . $field_name . " like '%" . $idata . "%'";
                        }
                    } else {
                        $err_string .= "<strong>Error:</strong>while searching.<strong>" . $field_name . "</strong>.<br>";
                        $err_string .= "Description: Invalid DateTime.<br>";
                    }
                } elseif ($type_field == "type_integer") {
                    if (is_numeric($irealdata)) {
                        if ($qry_string == "") {
                            $qry_string = "search_fd" . $i . "=" . $idata;
                            $filter_string = $field_name . " " . $iopt . " " . $irealdata;
                        } else {
                            $qry_string .= "&search_fd" . $i . "=" . $idata;
                            $filter_string .= " and " . $field_name . " " . $iopt . " " . $irealdata;
                        }
                    } else {
                        $err_string .= "<strong>Error:</strong>while searching.<strong>" . $field_name . "</strong>.<br>";
                        $err_string .= "Description: Type mismatch.<br>";
                    }
                } elseif ($type_field == "type_string") {
                    if ($qry_string == "") {
                        $qry_string = "search_fd" . $i . "=" . urlencode(stripslashes($idata));
                        $filter_string = $field_name . " like '" . $irealdata . "%'";
                    } else {
                        $qry_string .= "&search_fd" . $i . "=" . urlencode(stripslashes($idata));
                        $filter_string .= " and " . $field_name . " like '" . $irealdata . "%'";
                    }
                } else {
                    if ($qry_string == "") {
                        $qry_string = "search_fd" . $i . "=" . urlencode(stripslashes($idata));
                        $filter_string = $field_name . " = '" . $irealdata . "'";
                    } else {
                        $qry_string .= "&search_fd" . $i . "=" . urlencode(stripslashes($idata));
                        $filter_string .= " and " . $field_name . " = '" . $irealdata . "'";
                    }
                }
            }
        }
        if (qsrequest("multisearch_fd" . $i) != "") {
            if ($qry_string == "") {
                $qry_string = "multisearch_fd" . $i . "=" . qsrequest("multisearch_fd" . $i);
            } else {
                $qry_string = $qry_string . "&multisearch_fd" . $i . "=" . qsrequest("multisearch_fd" . $i);
            }
        }
        //begin search between see variable 'search_fd_(n)'
        if (qsrequest("search_fd_" . $i) != "") {
            $idata = qsrequest("search_fd_" . $i);
            if (strlen($idata) > 1) {
                if ($idata[strlen($idata) - 1] == "*") {
                    $idata = substr($idata, 0, strlen($idata) - 1);
                }
            }
            $idata = str_replace("*", "%", $idata);
            $irealdata = $idata;
            if (qsrequest("search_optfd_".$i) != "") {
                $idata = qsrequest("search_optfd_". $i) . $idata ;
            }
            if ($meta) {
                if ($type_field == "type_datetime") {
                   if ((($timestamp = strtotime($irealdata)) !== -1)) {
                       if ($qry_string == "") {
                           $qry_string = "search_fd_" . $i . "=" . urlencode($idata);
                           $filter_string = $field_name . " like '%" . $idata . "%'";
                       } else {
                           $qry_string .= "&search_fd_" . $i . "=" . urlencode($idata);
                           $filter_string .= " and " . $field_name . " like '%" . $idata . "%'";
                       }
                   } else {
                       $err_string .= "<strong>Error:</strong>while searching.<strong>" . $field_name . "</strong>.<br>";
                       $err_string .= "Description: Invalid DateTime.<br>";
                   }
                } elseif ($type_field == "type_integer") {
                   if (is_numeric($irealdata)) {
                       if ($qry_string == "") {
                           $qry_string = "search_fd_" . $i . "=" . $idata;
                           $filter_string = $field_name . " " . $iopt . " " . $irealdata;
                       } else {
                           $qry_string .= "&search_fd_" . $i . "=" . $idata;
                           $filter_string .= " and " . $field_name . " " . $iopt . " " . $irealdata;
                       }
                   } else {
                        $err_string .= "<strong>Error:</strong>while searching.<strong>" . $field_name . "</strong>.<br>";
                        $err_string .= "Description: Type mismatch.<br>";
                   }
               }
           }
        }
        $i++;
    }
    if ($result > 0) {mysql_free_result($result);}
  if (qsrequest("search_sort") <> "") {
	    $sortstring = qsrequest("search_sort");
  }
  if (qsrequest("page_size") <> "") {
	    $page_size = qsrequest("page_size");
  }
#----get submit url page----
    $submiturl = "./projects.php?";
    if ($err_string == "") {
        if ($qry_string != "") {
            $URL= $submiturl . "&" . $qry_string;
        } else {
            $URL= $submiturl;
        }
        header ("Location: $URL");
        exit;
    }
} else {
    $sortstring  = "";
    if (qssession("sortfield") != "") {
         $sortstring = "&sortfield=" . urlencode(stripslashes(qssession("sortfield"))) . "&sortby=" . urlencode(stripslashes(qssession("sortby")));
    }
    if (qssession("page_size") != "") {
         $page_size = urlencode(stripslashes(qssession("page_size")));
    }
    $i=0;
    while ($i < mysql_num_fields($result)) {
$strkeyword = "";
$iopt = "";
$idata = "";
if ((!isset($_GET["search_fd".$i])) && (!isset($_POST["search_fd".$i]))) {
    $arryitemvalue[$i] = "";
    $arryopt[$i]="";
} else {
    # Check value for advance search
    $idata = qsrequest("search_fd" . $i);
    $icon = "";
    if (substr($idata, 0, 2) == "||") {
        $icon = "||";
        $idata = substr($idata, 2);
    }
    $iopt = substr($idata, 0, 2); // Get 2 of left keyword
    if (($iopt == "<=") || ($iopt == "=<")){
        $iopt  = "<=";
        $strkeyword = substr($idata, 2);
    }elseif (($iopt == ">=") || ($iopt == "=>")){
        $iopt = ">=";
        $strkeyword = substr($idata, 2);
    }elseif ($iopt == "==" ){
        $iopt = "==";
        $strkeyword = substr($idata, 2);
    }elseif ($iopt == "<>"){
        $strkeyword = substr($idata, 2);
    } else {
        $startstrdata = substr($idata,0,1) ;
        $endstrdata = $idata[strlen($idata) - 1];
        if (($startstrdata != "%" ) && ($endstrdata != "%")){
            if (($startstrdata == "<") || ($startstrdata == ">") || ($startstrdata == "=")) {
                if ($startstrdata == "<") {
                    $strkeyword = str_replace("<","", $idata) ;
                    $iopt = "<";
                }elseif($startstrdata == ">")  {
                    $strkeyword = str_replace(">","", $idata) ;
                    $iopt = ">";
                } else {
                    $strkeyword = str_replace("=","", $idata) ;
                    $iopt = "=";
                }
            }else {
                $arryitemvalue[$i] = $idata;
                $strkeyword = $idata;
            }
        }else {
            if (($startstrdata == "%" ) && ($endstrdata == "%")) {  # Contain Case
                $startstrdata = str_replace("%","", $idata) ;
                $strkeyword  = substr($idata,1, (strlen($idata)-2));
                $iopt = "^^" ;
            }elseif (($startstrdata != "%" ) && ($endstrdata == "%")) {  # Start With Case xx*
                $strkeyword  = substr($idata,0, (strlen($idata)-1));
                $iopt = "^*";
            }elseif (($startstrdata == "%" ) && ($endstrdata != "%")) { # End With Case *xx
                $strkeyword  = substr($idata,1, (strlen($idata)));
                $iopt = "*^";
            }
        }// end eheck one charator
   }//end of check 2 first character
   $arryitemvalue[$i] = $strkeyword;
   $arryopt[$i] = $iopt;
   $arryandoropt[$i] = $icon;
}
$i += 1;
}// end while
if ($result > 0) {mysql_free_result($result);}
}
?>
<HTML>
<HEAD>
<Title>Find Projects</Title>

<link rel="stylesheet" type="text/css" href="projects_search.css">
<meta name="generator" content="dbQwikSite Ecommerce">
</HEAD>
<BODY><script language="javascript" src="./js/qs_menu.js"></script>
<Center><p align="left"><img style="left: 10px; top: 15px" alt="efd" hspace="0" src="http://www.evidencefordevelopment.com/templates/247extender_b/images/efd_100x65.png" align="baseline" border="0" />
<center><strong><font size="5">
Find Projects
</font></strong></center><br>

<A NAME=top></A>
<Form name="qs_search_form" method="post" action="./projects_search.php">
<script language='javascript' src='qwikcalendar.js'></script>

<script>
function getURLParam(strParamName){
var strReturn = "";
var strHref = window.location.href;
if ( strHref.indexOf("?") > -1 ){
  var strQueryString = strHref.substr(strHref.indexOf("?")).toLowerCase();
  var aQueryString = strQueryString.split("&");
  for ( var iParam = 0; iParam < aQueryString.length; iParam++ ){
    if (
	aQueryString[iParam].indexOf(strParamName + "=") > -1 ){
      var aParam = aQueryString[iParam].split("=");
      strReturn = aParam[1];
      break;
    }
  }
}
return strReturn;
}
</script>


<Table Border="0" Cellpadding="2" Cellspacing="1" BgColor="#10783F">

<tr>
<td colspan="2" class="ThRows">Find Projects</td>
</tr>
<?php
$css_class = "\"TrOdd\"";
if ($err_string != "") {
    print "<tr>";
    print "<td class=\"ThRows\"><Strong>Error:</Strong></td>";
    print "<td  colspan=\"2\" class=" . $css_class . " align=Default>" . $err_string . "</td>";
    print "</tr>";
}
?>
<tr>
<td class="ThRows">Project Name</td>
<?php
$cellvalue = "";
if ((!isset($_GET["search_fd1"])) && (!isset($_POST["search_fd1"]))) {
    $itemvalue = "";
} else {
    $itemvalue = $arryitemvalue[1];
}

    $cellvalue = "<select name=\"search_optfd1\"><option value=\"^^\"" . qscheckselected("^^",$arryopt[1],"selected") . ">contains</option><option value=\"^*\"" . qscheckselected("^*",$arryopt[1],"selected") . ">starts with</option><option value=\"*^\"" . qscheckselected("*^",$arryopt[1],"selected") . ">ends with</option><option value=\"==\"" . qscheckselected("==",$arryopt[1],"selected") . ">is equal to</option><option value=\"<>\"" . qscheckselected("<>",$arryopt[1],"selected") . ">is not equal to</option><option value=\"<\"" . qscheckselected("<",$arryopt[1],"selected") . ">is less than</option><option value=\"<=\"" . qscheckselected("<=",$arryopt[1],"selected") . ">is less than or equal to</option><option value=\">\"" . qscheckselected(">",$arryopt[1],"selected") . ">is greater than</option><option value=\">=\"" . qscheckselected(">=",$arryopt[1],"selected") . ">is greater than or equal to</option></select><input type=\"text\" name=\"search_fd1\" value=\"" . qsreplace_html_quote(stripslashes($arryitemvalue[1])) . "\" size=\"30\"  maxlength=\"50\" >" . "<input type=\"hidden\" name=\"multisearch_fd1\" value=\"\">";
    if ($cellvalue == "") {
        $cellvalue = "&nbsp;";
    }
    print "<td class=" . $css_class . " align=Default >" . $cellvalue . "</td>";
?>
</tr>
<tr>
<td class="ThRows">Currency</td>
<?php
$cellvalue = "";
if ((!isset($_GET["search_fd2"])) && (!isset($_POST["search_fd2"]))) {
    $itemvalue = "";
} else {
    $itemvalue = $arryitemvalue[2];
}

    $cellvalue = "<select name=\"search_optfd2\"><option value=\"^^\"" . qscheckselected("^^",$arryopt[2],"selected") . ">contains</option><option value=\"^*\"" . qscheckselected("^*",$arryopt[2],"selected") . ">starts with</option><option value=\"*^\"" . qscheckselected("*^",$arryopt[2],"selected") . ">ends with</option><option value=\"==\"" . qscheckselected("==",$arryopt[2],"selected") . ">is equal to</option><option value=\"<>\"" . qscheckselected("<>",$arryopt[2],"selected") . ">is not equal to</option><option value=\"<\"" . qscheckselected("<",$arryopt[2],"selected") . ">is less than</option><option value=\"<=\"" . qscheckselected("<=",$arryopt[2],"selected") . ">is less than or equal to</option><option value=\">\"" . qscheckselected(">",$arryopt[2],"selected") . ">is greater than</option><option value=\">=\"" . qscheckselected(">=",$arryopt[2],"selected") . ">is greater than or equal to</option></select><input type=\"text\" name=\"search_fd2\" value=\"" . qsreplace_html_quote(stripslashes($arryitemvalue[2])) . "\" size=\"30\"  maxlength=\"3\" >" . "<input type=\"hidden\" name=\"multisearch_fd2\" value=\"\">";
    if ($cellvalue == "") {
        $cellvalue = "&nbsp;";
    }
    print "<td class=" . $css_class . " align=Default >" . $cellvalue . "</td>";
?>
</tr>
<tr>
<td class="ThRows">Date Of Data Collection</td>
<?php
$cellvalue = "";
if ((!isset($_GET["search_fd3"])) && (!isset($_POST["search_fd3"]))) {
    $itemvalue = "";
} else {
    $itemvalue = $arryitemvalue[3];
}

    $cellvalue = "<select name=\"search_optfd3\"><option value=\"==\"" . qscheckselected("==",$arryopt[3],"selected") . ">is equal to</option><option value=\"<>\"" . qscheckselected("<>",$arryopt[3],"selected") . ">is not equal to</option><option value=\"<\"" . qscheckselected("<",$arryopt[3],"selected") . ">is less than</option><option value=\"<=\"" . qscheckselected("<=",$arryopt[3],"selected") . ">is less than or equal to</option><option value=\">\"" . qscheckselected(">",$arryopt[3],"selected") . ">is greater than</option><option value=\">=\"" . qscheckselected(">=",$arryopt[3],"selected") . ">is greater than or equal to</option></select>" ."<input type=\"text\" name=\"search_fd3\" value=\"" . qsreplace_html_quote(stripslashes($arryitemvalue[3])) . "\"><a href=\"#search_fd3\"><a name=\"search_fd3\"><img src=\"images/Calendar.gif\" width=\"20\" height=\"21\" border=0 align=\"absmiddle\" onClick=\"popUpCalendar(this, document.forms[0].search_fd3, 'mm/dd/yyyy', 0, 0)\"></a>" . "<input type=\"hidden\" name=\"multisearch_fd3\" value=\"\">";
    if ($cellvalue == "") {
        $cellvalue = "&nbsp;";
    }
    print "<td class=" . $css_class . " align=Default >" . $cellvalue . "</td>";
?>
</tr>
<?php
#----get back url page----
  $backurl = "./projects.php?";
?>
<tr>
<td colspan="2" class="ThRows" align=Center>
<input type="hidden" name="act" value="n">
<input type="button" name="QS_Back" value="Back" OnClick="javascript:window.location='<?php print $backurl; ?>'">&nbsp;&nbsp;
<input type="submit" name="QS_Submit" value="Search">&nbsp;&nbsp;
<input type="button" name="QS_Clear" value="Clear" OnClick="location='projects_search.php'">
</td>
</tr>
</Table><br>
</Form>
<?php
if ($link > 0) {mysql_close($link);}
?>
<A NAME=bottom></A>
</Center>

</BODY>
</HTML>
